Improve Cloudfront notes regarding private buckets (#5225)

* Improve Cloudfront notes regarding private buckets

* Point to CloudFront docs

This is better than outlining the steps specifically. The API steps will be different and the specific parts of the web UI may change over time. Amazon's docs are more likely to be up to date.
This commit is contained in:
Sean P. Kane 2018-01-09 14:31:37 -08:00 committed by Misty Stanley-Jones
parent a6edcadac9
commit b5bbca9ed4

View file

@ -238,10 +238,14 @@ Defaults can be kept in most areas except:
### Origin:
The CloudFront distribution must be created such that the `Origin Path` is set
- The CloudFront distribution must be created such that the `Origin Path` is set
to the directory level of the root "docker" key in S3. If your registry exists
on the root of the bucket, this path should be left blank.
- For private S3 buckets, you must set `Restrict Bucket Access` to `Yes`. See
the [CloudFront documentation](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html).
### Behaviors:
- Viewer Protocol Policy: HTTPS Only
@ -277,5 +281,5 @@ middleware:
## CloudFront Key-Pair
A CloudFront key-pair is required for all AWS accounts needing access to your
CloudFront distribution. For information, please see [Creating CloudFront Key
CloudFront distribution. You must have access to your AWS account's root credentials to create the required Cloudfront keypair. For information, please see [Creating CloudFront Key
Pairs](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html#private-content-creating-cloudfront-key-pairs).